The Internet is rapidly changing the way business is conducted. Existing security mechanisms are deemed to be adequate for low value transactions, but are not sufficient for high value business-to-business (B2B) and Business-to-Consumer (B2C) transactions. Current solutions generally use Secure Socket Layer (SSL) to encrypt traffic between a client's browser and a web server. SSL provides confidentiality by encrypting session traffic at the network level, but does not provide authentication or non-repudiation of transactions. In addition, SSL protects traffic between the browser and the web server only. Many applications reside on a separate server, with the web server providing the front-end or user interface. Traffic between the web server and the application server is not protected by SSL. See FIG. 1. More particularly, known SSL systems employ 40 bit encryption with an option to upgrade to 128 bit encryption. Authentication is performed using standard password techniques. Batch transfer of large data files is not feasible.
FIG. 1 illustrates a conventional SSL system. As shown, an SSL web client 1 is connected to a web server 2 via the Internet. Communication between the SSL web client 1 and the web server 2 is protected through encryption. Web server 2 also communicates with database server 3. However, no further security is associated with the communication.
Since web servers are often placed outside of the corporate firewall to allow open access to customers and partners, i.e., on untrusted networks, the web server is open to attack. There have been several documented attacks on web servers where customer information (i.e., credit card numbers) that was protected via SSL has been compromised. Further, although the data may be protected in transit, cases involving the defacement of web pages are too numerous to list.
Firewalls have been widely deployed on the Internet to protect corporate networks from outsiders. In order to allow access to customers and partners, services must be allowed through the firewall. Adding new services means adding new access holes in the firewall, and potentially adding new vulnerabilities. If an unauthorized user traverses the firewall, they may attack the web server with relative anonymity. Accordingly, there is a need for a system for secure communicating data between domains that protects the integrity of data in transit and data stored on a back-end server, e.g., web server, while allowing the appropriate level of access to authorized users.